Vulnerability Description
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.3t |
References
- http://secunia.com/advisories/31990Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.sVendor Advisory
- http://www.vupen.com/english/advisories/2008/2670Permissions RequiredThird Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
- http://secunia.com/advisories/31990Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01556.sVendor Advisory
- http://www.vupen.com/english/advisories/2008/2670Permissions RequiredThird Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
FAQ
What is CVE-2008-2739?
CVE-2008-2739 is a vulnerability with a CVSS score of 7.8 (HIGH). The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic tha...
How severe is CVE-2008-2739?
CVE-2008-2739 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2739?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.